Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Crypto Listing Alert
v1.0.2
Use when users want to subscribe, pay, or manage Crypto Listing Alert notifications for exchange listing events and need Telegram, Discord, or Email delivery...
by syx-ass @xyz-ass
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (subscribe/pay/manage crypto listing alerts) aligns with the provided CLI tool (index.cjs). However SKILL.md asks the agent to obtain Telegram/Discord bot tokens and channel IDs from an 'openclaw config file' and to parse chat IDs from message context metadata; those cross-skill/agent config accesses are not declared in the skill metadata and are disproportionate to the claimed requirements.
Instruction Scope
Runtime instructions direct the agent to read bot tokens and channel IDs from an OpenClaw config and to parse chat IDs from current message context. The included CLI actually expects explicit flags (e.g. --bot-token, --telegram) and the code saves/reads its own config at ~/.exchange-alerts/config.json. The SKILL.md therefore asks the agent to access agent/system-level config and runtime message metadata that aren't referenced in the code or declared in the skill manifest.
Install Mechanism
No install spec (instruction-only) but the package includes an executable Node script (index.cjs). No external downloads; script runs via node. The script reads/writes a config file under the user's home (.exchange-alerts/config.json) which is expected behaviour but should be noted.
Credentials
Skill metadata declares no required env vars or credentials, but SKILL.md instructs the agent to retrieve Telegram/Discord bot tokens and channel IDs from an OpenClaw config and parse chat IDs from message context; those are sensitive credentials and cross-skill reads are not declared. The primary API key for listingalert.org is reasonable, but the implicit requirement to access other skills' tokens is disproportionate and not documented in requires.env or config paths.
Persistence & Privilege
The skill does persist the service API key in a config file under the user's home (~/.exchange-alerts/config.json) when the login command is used. always is false and autonomous invocation is allowed (default). No evidence the skill modifies other skills or global agent settings, but the instruction to read OpenClaw config suggests potential cross-skill config access which is not implemented or declared.
What to consider before installing
This skill appears to implement subscription and payment flows for an external service (listingalert.org) and will save an API key to ~/.exchange-alerts/config.json. However the SKILL.md asks the agent to pull Telegram/Discord bot tokens, channel IDs, and chat IDs from an "openclaw" config and message context — sensitive credentials that are not declared in the manifest and are not obviously required by the included CLI (the CLI expects explicit flags). Before installing:
1) Ask the author to clarify where/how bot tokens and channel IDs are obtained and to declare any config paths or env vars.
2) Inspect index.cjs yourself (or in a sandbox) to confirm it does not read other agent configs or exfiltrate secrets.
3) Avoid granting the agent access to other skills' tokens or global config; prefer providing bot tokens/IDs explicitly and only when necessary.
4) Be aware the skill will write ~/.exchange-alerts/config.json with the API key.
If you cannot verify the author or behavior, run it in an isolated environment or decline installation.
Like a lobster shell, security has layers — review code before you run it.
